WECON LeviStudio PLC HmiSet Type Buffer Overflow Exploit

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WECON LeviStudio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the handling of LeviStudio Project files. By providing an overly long HmiSet Type XML attribute, an attacker can overflow a stack-based buffer and execute arbitrary code in the context of the current process.
Exploit type: 
Platform: 
Vulnerabilty ID: 
NOCVE-9999-74997
Product Version: 
2016_R1
Released Date: 
Tuesday, July 5, 2016 - 00:00